Why American software is junk and why it matters
Pages: 1 2
Fred Smith (8327) 12 posts |
I hope it will be understood that I write the following being somewhat unfamiliar with operating system design but with the understanding that it is true to state that I also hope that if things are presented properly in this regard that this might help in terms of securing funding /an interest in updating RISCOS. There is no reason (and correct me if I am wrong) why it is technically impossible. The following is written for the novice who might be unfamiliar with RISCOS and indeed operating systems so someone might wish to copy what is written even if it is a bit “Janet and John” and written in simple language. Anyway, I am rather irritated at software which runs slowly, is bloated, does not work as stated, has bugs and so on. It is a modern phenomenon and brings to mind a traumatic memory of first using Microsoft PCs in that like many people I had a sudden urge to throw the thing out of the window. In the 1990s, the United Kingdom under the tutelage of an Italian company was at the very forefront of operating system design. Operating systems on the face of it to those who are not familiar with such a term do not sound like particularly important but they of course are the bit of software which controls not only computers but also hardware such as mobile phones, gadgets, routers and so on. Operating systems are therefore of equal importance to the CPU. They go hand in hand if you will much like a husband and wife. The operating system which was at the forefront and way ahead of its time in the 1990s was RISCOS. In the most important respects it still is. Its ran on ROM and was thus impenetrable to hacking (with the proviso that the memory was unprotected and needs development), had anti-aliased fonts, a task-bar, was stable and microscopic in terms of the amount of code used, and far more advanced and faster than its competitors such as Microsoft even with the latest version running on the latest hardware. It would boot and still boots in a few seconds whereas Windows would take the best part of a minute. Moreover one did not “install” software, one simply copied it RISCOS still exists today even if it is true to state that it obviously lacks modern features which could be added such as preemptive multitasking and internet security and is still more use-able than windows. It feels light and crisp and instant in a way which even OSX, for all Apple’s talk of miniaturizing, never could match. RISCOS is supplied on a 4MB rom whereas its then equivalent windows 95 was from recollection 10 times the size. The latest iteration of windows is now around 16 gigabytes The trouble is the British establishment not realizing (again!) what they had, decided to throw away this golden technology in favour of what is to be frank junk which is american in origin. The UK could have ended up with a situation where it dominated the CPU and OS markets where it could have had the Microsoft of the time but willfully threw away the later. The argument at the time was that RISCOS was not “industry standard” and that it lacked software which may to some extent be a valid reason except for the fact that American software and the culture which emanates from that has brought its own problems. As I shall explain, this is pertinent to the internet age and means that a decision to overlook an operating systems like RISCOS should be reversed, particularly given that it is eminently feasible to do so. This isn’t to say that Americans are no good at hardware but that when it comes to software, america is a country which should be avoided and Americans moreover might like to buy from abroad as well. The reason why this should be the case is down to ,what I think is called psycho-geography. Because Americans live in a large country, they tend to as a consequence have a disregard for the efficient usage of resources and an emphasis on things which are big. Thus they have big SUVs which consume lots of gas (which is a liquid by the way), large freeways, large government departments and so on and they tend to think that a solution to any given problem is trample things to death with lots of money. As a consequence they tend to make big and bloated software and CPUs with a large team because inherently they do not consider the importance of making software small, something which it is especially important in the age of the internet. The fact is that it is axiomatic to state that the more code and complexity you have in software, the more bugs and security flaws there are likely to be and that any bugs and security flaws will be more difficult to spot and to fix. In the age of the internet age this is important given the fact that computers are now more vulnerable to hacking and one would think there would be attempts to minimize this. If you like a piece of software is like a castle which needs to be protected against aggressors and it does not do well in this respect to build a castle which should be 1000 metees squared, on the scale of Paris in that it is more difficult to maintain and protect. There is no argument which contradicts this basic principle as far as I can tell. It seems obvious. As stated, when one looks at American operating systems from 1995 such as Windows or indeed MacOS, one can see that they were to the order of 15 times larger in terms of their code base than RISCOS even though they performed much the same task than that operating system, did so not as well and were slower on faster hardware. Because the code was so large and complex, the hardware which, in part because it was CISC based, overheated and needed a fan. The software was slow and not crisp. When additional features were needed or “improvements”, the approach was the one should not look at the efficiency of the code but that customers buy faster hardware in order to run less efficient software. This culture engendered a laziness on the part of programmers in general who made equally large bloated and insecure programs because they could rely upon Moore’s law and thus rather ironically cancel out the effect of that law by running bloated software. We now have a situation where 1) The latest version of Windows and Macos when installed take up many gigabytes of hard disk space whereas the latest version of RISCOS (which needs some modernization) is still 4 megabytes of so . It is rather ironic that Apple miniaturize their hardware whilst increasing the size of their software, something which in turn can have an effect upon the size of the hardware. Apple hardware for example gets so hot that it has to have a fan to cool it. Perhaps this is intentional in that if America provides code which is insecure and engenders a culture of insecurity, they think they can easily gain access to computing devices and to the information which they contain but then such a principle equally applies to America and as such they cannot really complain about hackers from whichever country. There needs to be a culture change within software development. Not so much a culture change as a revolution. A big bang if you will. One could in this respect look again at RISCOS. It needs development but the important foundations are there and you might like to take a look at the operating system. One could quite feasibly do the following This has a consequent beneficial effect upon the complexity, cost and environmental friendliness of the hardware. For example one can run RISCOS and to run the local equivalent of Microsoft Word or indeed a graphics package on a Raspberry Pi. Even thought the hardware is slower, the software runs in a crisp manner which is unlike Microsoft. The hardware could run from renewable energy as opposed to batteries or indeed a power plant and would also affords sovereignty from the current set of American companies The plain and simple truth is a country which promotes operating systems and software which runs into the gigabytes and which considers that this does not matter is responsible for delivering junk. Moreover it is difficult to see how that country ultimately benefits from such a policy. On the other hand countries which do not have such an approach could if they so chose to invest in such an operating system as RISCOS and along with the right approach completely dominate the computing industry. This of course includes the Europe Union who by the way employ the co-founder of Acorn computers (a company which delivered RISCOS whilst under Italian ownership) as vice-president of the European Innovation council in order that he might help to promote European leadership with respect to tech companies. |
Timo Hartong (2813) 204 posts |
Can you make this a real short story and tell exactly what you want. I think this story should be moved to Aldershot and not put in General. Because tax on application size you are joking right ?. |
Rick Murray (539) 13851 posts |
Oooh, a wall of text. Looks like I have competition. ;-)
There was. Now pretty much everybody in the developed world has cheap and nearly unlimited broadband or 4G. So, no. There is no “pressing need” for apps to be small. In fact, the trend shows rather the opposite.
Partially. Almost all sortware has bugs. However back in the days when software was supplied on ROM, a nasty bug could sink an entire company (or, at least, leave them with a lot of worthless stock).
You must be young. Trust me, it wasn’t like that under DOS, when one had to juggle not only printer drivers, but screen drivers, and maybe even different fonts for the different screens. Sure, Windows is like that too. But Windows is like that once. In DOS, it was every bloody program. And it was necessary to ensure that your printer had the ability to emulate something else (usually LQ or LJ) because if your printer wasn’t a wildly popular model from a major manufacturer, you just won’t have a driver. All of the laser printers I used in the ’90s were via HP LJ2 emulation, except one odd one that was an LQ emulation (yes, a low-res dot-matrix!).
No it wasn’t. The Italian company effectively bailed out Acorn, and Acorn (unknown at the time to the sugar daddy) were at the very forefront of processor design.
A rather simplistic description. One could say a PC’s BIOS fits into that description, but it’s not an operating system. Operating systems are more like a collection of drivers, resources, and utilities that allow you (the user) to be able to use the device.
You don’t need an operating system to use a CPU. Out in the embedded world, a small bit of custom firmware will run on the processor in order that it perform the expected tasks. Bread makers, washing machines, the sorts of devices that can offer “smart” functions using an eight bit processor and maybe half a kilobyte of RAM. It doesn’t need an operating system. It just needs some code that runs at power-up to do what needs done.
There lie the ruins of many a holy war.
As did pretty much every single one of the eight bit era, and quite a few of the sixteen bit era since at the time ROMs could be larger and faster (and more reliable) than floppy discs.
By version three, yes.
Apples vs Oranges. RISC OS, at start, doesn’t actually do a lot. Windows… does. Sure, it’s a tragically slow memory hog, but press “Windows + R” and in the Run dialogue, enter
Depends upon the software. PhotoDesk needs to be installed. Back in the day, Impression needed not only to be installed, but a hardware dongle.
Here we go again. One does not bolt pre-emption on to a single user single process operating system that multitasks via magic and smoke and mirrors. Seriously – the entire Wimp message handling system is predicated on the fact that you will get your message bounced back to you once everybody else (who may be interested) has been offered it. Pre-emption means a task could be “busy” which would break that.
True, but then I believe it is actually possible to get a booting version of W95 onto two floppies, which means Windows wins. Okay, it doesn’t do a lot and it only assumes very basic hardware (like a 16 colour VGA screen), but it does indicate that a fair amount of the bloat (for a full distribution of W95 requires 54 floppy discs) is a large stock of drivers for the many different sorts of “PC” that existed then. Indeed, the definition of what a PC is has always been rather vague, so operating systems need to ask the BIOS and/or probe the hardware to try to work it out for themselves.
Not with RISC OS, they wouldn’t.
That’s always a rubbish excuse trotted out by the sort of people that think it’s totally okay to attach Word documents to emails.
Hmmm… Shades of Trump’s lunatic rantings about Huweai… H…. oh, however the hell it’s spelled. You know what I mean.
I’m not sure it’s exactly logical to generalise a population of some 350,000,000 people. I’m sure some happily use software from other countries. And some plant big flags on their porches and won’t touch anything that wasn’t born in the yew ess aye.
As opposed to, say… Harddiscs are enormous and memory is dirt cheap so efficiency isn’t as important as it once was?
Because big population? If you’re going to point out such bizarre differences, then place let me point out that many French motorways (and moterway-like roads) are two lane. The English equivalents are three lane. So stop talking about British stuff and use French. It’s clearly a third more efficient. Motorway sizes said so.
? I’d have said “throw bombs at it”. But, again, we’re into stereotypes.
…is what you meant to write…
There’s a very obvious argument. A castle the size of Paris (see? told you France FTW!) is a castle. It might be a hulking monstrosity with a hundred unguarded entry points, but it is a castle. By comparison we have a timber frame house with wattle and daub walls.
As does the Pi4 by all accounts. The thing is, CISC design and microcode meant that the number of necessary transistors got very large very rapidly. Which is why pretty much anything after the slab of the early Pentium needed cooling.
First, double or triple the RISC OS size. You’re not counting the stuff in !Boot are you? Start up your machine without booting properly, see how useful it is. The stuff in there is important. Secondly, Windows is insanely more complicated and capable than RISC OS. Tell you what – I’d like to download the lyrics to a song (it’s in Russian), copy them to a document so I can print them tidily to my AirPrint/IPPEverywhere capable printer via WiFi, and then stream the music video and watch it. It’s a song called “Luna” by a group called Mysterya. From RISC OS? Let’s see… Cyrillic font? Native WiFi? Modern printer? Video? Uh-hu.
My iPad doesn’t.
I think this has more to do with advances in technology than any particular company. Back the the ‘80s, technologies like flash memory didn’t exist, and the price of a megabyte of harddisc storage would be urine inducing. Seriously, a 40MB drive would have probably cost about as much as the computer. RAM was dead expensive too. That is why the original ARM (the 26 bit PC incarnation) could only address 64MiB, and why the original MEMC could only handle 4MiB per MEMC. It’s because this stuff was so damned expensive that it was unthinkable that anybody would really want more than 4MiB in their machine.
…and the 737-MAX?
Ah, but the thing is – failure of airplane will kill people. Failure of a railway or a car will kill people. Failure of a nuclear power plant will kill people and leave the surroundings uninhabited for quite a long time. Failure of a word processor? Not even remotely in the same category.
Though more and more these days, people expect to receive free updates for a “reasonable” length of time.
Because Windows (or even Linux) does rather more at boot. RISC OS doesn’t even check filesystem integrity FFS.
Thank you, I’d prefer to let a happy Swedish teenager talk about the environment. Because there is so much wastage here, a lot of which can’t be pinned on any one company or country, but simply a sign of global tech malaise. Printer inks? The fact that some people buy a new printer because it’s cheaper? Mobile phones and tablets? Electronics buried under gobs of glue because no part of them is intended to be replaced. Chuck it away and buy a new one.
It’s called capitalism. They exist to sell you stuff. If they can’t sell, they go bust. It’s not moronic, it is just how it works.
You do realise that the FBI chief keeps spouting nonsense about wanting Americans to have good encryption with a back door that the feds can use if necessary? But, then, we’re talking about a country that solved the problem of uncovering security flaws in electronic voting devices by hacking them… by outlawing the hacking.
I won’t hold my breath. People blather all sorts of personal info on Facebook as if there’s nothing to worry about. And earlier on the TV I saw an advert for “Uber Eats”, which just seems so “oh my god!”.
<raises eyebrows> You… uh… do… know what the RMA is, right?
I’d really like to see your feasibility study regarding the addition of PMT.
First, this won’t fly with modern hardware that boots from SD or the like. Secondly, it’s irrelevant. Only a newb would hack the operating system. Anybody with more than a single cluon would hack the user. And that’s ridiculously simple under RISC OS whether it’s in ROM or not.
I’ll point you, once again, at the RMA.
Have you been following what’s been going on with those clever people who are hacking the actual processors? You know, the cache miss data leakage, the one that can set up specific states by fiddling with the processor core voltage in certain ways? In these cases, the operating system is largely unimportant because the attack vector is the processor itself.
And are you going to provide a guarantee of the stability and safety of your curated apps, or will this be yet another pointless walled garden lulling people into a false sense of security?
Just as there is an argument to state that modern applications are of a level of complexity where running logical and mathematical analysis on the program to verify all possible code paths is… not only infeasible, it’s also not even remotely realistic.
Except… Wow… Where do I even begin to shoot that down. You are NEVER EVER going to get a secure app on an OS that will grant anybody kernel level privilege with one SWI call.
That rather depends upon your thoughts for cider, don’t you think?
Are you… even old enough to be considered a teenager? Surely nobody with a double-digit age could write something so utterly naive.
That’s how I release my software. Okay, it’s all free, but still. Would you like something that mostly works today, or something perfect never? Your choice. I do this as a hobby. For fun. I’m mostly writing stuff for myself, and releasing things in case it may be of use to others. Yes, defects should be found. But they aren’t. Not always. Sometimes I do “one more thing” when it’s late and I need to go to bed to get up in five hours to go to work. It’s not a good state to be in when programming, but given how scattered my attention is, I take what I can get.
You seem to be obsessing about the small codebase. You know how? Validate the bloody inputs! RISC OS barely does. Which can lead to some interesting bugs turning up.
Show me a ten line program and I’ll show you a Actually, let’s put it to the test. There’s more, but it’s quarter past midnight. I have to be up in seven hours so I’ll bring this to a close here. |
GavinWraith (26) 1563 posts |
Wow! A long rant with lots of good points IMHO.
A nice thought.
Yes, with libraries of appropriate tools, future proofed against changes of hardware.
An OS is hardly a project for an amateur (eh, Linus?). In the case of choosing an OS the market has conspired to suppress competition. If there were genuine choice we would be less likely to be saddled with bloat and poor GUIs. Part of the problem is the lack of practical specification for software. Specification is a vague term, and can mean anything on a gamut from hand-waving waffle to an abstract program. The idea used to be, perhaps it was naive, that first you specified what you wanted your program to do, then you wrote a program, then you proved that your program satisfied the specification, then you implemented the program and then you tested it. Maybe some of these steps were done in a different order, or done in parallel; and do not forget that most of the activity involves debugging and starting all over again. An OS should be accompanied by detailed documentation of the principles on which it has been designed, and of how the user’s programs can interact with it. Of course this will be a moving target, so the design has to abstract away from the hardware and be capable of extension, within clearly laid down principles. The perennial problem is how to do this without sacrificing speed and economy (think of X11). For any sort of UI there are various principles which should be followed. For example, every user-action should be followed immediately by a response (visual in the case of a GUI) to reassure the user that their action has been recognised. This forestalls unnecessary repeated actions because the user thinks the input device may have broken. RISC OS is pretty good at fulfilling this principle, Windows can be rotten. I think Fred is a little optimistic in seeing RISC OS as a basis for a lean universal single-user OS. Such a thing would need a complete redesign IMHO, starting at a level of extreme abstraction. The foundations of RISC OS are not robust enough that the extra features it needs could be simply tacked on. In fact most software dies eventually because the foundations of its design have not been abstract enough to cater for later developments – too many built-in assumptions. Linux, with its plethora of distributions, can be seen as a useful arena for testing out different ideas; file-systems, for example. Whether RISC OS can take advantage of Linux I do not know. Sadly, the ROX filer experiment, trying to produce a RISC OS-like GUI for Linux, appears to have hit the buffers. But consider how many more users there are of Linux than of RISC OS. More important, repeat the previous sentence with the word users replaced by developers. |
Fred Smith (8327) 12 posts |
Well quite, I did say it needed a lot of work and well it looks like I am not the only one who agrees about code size https://tonsky.me/blog/disenchantment/ Anyway Rick Murray perhaps misses two important points The first is about the general importance of code size in the age of the internet. I know that one could get a 3 ghz computer with 16gigs of Ram and code size would not matter from certain perspectives. That’s obvious given that my computer is around 3 Ghz and has 12gigs of Ram and it can run X program. This is not the point A basic principle is that the more code you have, the more bugs there are likely to be and the more difficult they will be to find. As such larger code is inherently liable to be more insecure. The second is that RISCOS needs development (ı.e. updating). It offers good prospects in that, apart from other things, the approach of other computing platforms, for the most part, is, as you have stated, not to pay attention to the importance of code size. Many platforms most notably Microsoft and Apple have much legacy code. It would be rather easier to start small and build upwards on the basis of smallness rather than to rebuild something which is inordinately large.
See above That’s the essential point I am making.
Or as pointed out, you supply roms with the latest update or indeed with a software overlay or indeed perhaps with a hardware switch which you can perhaps flick which means it cannot be updated.
RISCOS didn’t use drivers (except to some extent printers). And even Microsoft acknowledged that 3.1 was deficient in that regards in that they went on about Plug and Play for the next release.
Arthur perhaps and I did say it was under Italian ownership.
I said at the beginning that it was “Janet and John” written for people who are perhaps unfamiliar with such terms so I am not sure what point you are getting at. It is the software which operates the system so I called it an operating system for the sake of simplicity
That’s my point. It’s far too complicated for what it does. And many people appear to agree because they run things like Linux. RISCOS needs updating which isn’t the same as making it more complicated. In any case, one can easily argue that certain standards should be ignored as Apple did with Adobe Flash
Two exceptions. Go on :)
Added by integration. I think perhaps you are splitting hairs maybe
Forgive me but why can you perhaps explain why you are on a forum which is meant to promote the development of RISCOS if you don’t think much of RISCOS. I mean its OK. Some people like Eurovision. And one can watch old science fiction where the actors make fun of their own acting in commentaries.
Not really because most of the hacking takes place upon software which is American. It’s not Chinese or Russian or indeed British for the most part.
See the first point.
Population density in France or indeed the Netherlands is greater than the US is it though?.
Hence the important word “tend” as one can see from the fact that they trampled the middle east to death with bombs costing 7 trillion dollars. Not really a stereotype is it?
The point of the argument is size and you seem to have overlooked the fact that I did not refer to RISCOS but the general principle. RISCOS does need an overhaul as stated The more code → the more bugs → the more difficult they are to find→ the less security there is
Not that I can see
I look forward to seeing an ipad with a fan.
Yes its too complicated and you can even see that when you compare it to say Linux. And RISCOS is still small by comparison.
The point being is that if one compare the equivalent at the time RISCOS 3.5 would have been able to do most of Windows did. And that refers to apps for the most part.
Well quite. A modern development which should change
Or hacking and stealing and so on in government departments. Not important at all. For example with wannacry
Because it boots from rom for the most part and er um needs an update as is the point of this article.
Thank you for not addressing the point about the environment :). I think the European union might disagree with you as a result of their decision today . Yes and this is called innovation. You improve the ways of doing things and watch things like the Ford Edsel or indeed American car manufacturers decline in importance because there are better alternatives. Thus you end up with detroit and thriving foreign car manufacturers.
That’s called a “wish” which has not been granted and cannot be granted because people will move to alternative poducst. It does not exist with signal or indeed AOSP. No they don’t know anything about security because if they did they would not just to give one example, grant over a million people top secret security clearance.
I estimate 3-5 million pounds at the most for the entire OS if we are talking about finances
Why not the software is small. It’s not like you’d be running word,
Two maybe three instances and there is xen
Yes like the appstore….
Yes it is. Governments use word processors and so on. They commonly used microsoft word or indeed openoffice
Heard of Xen?
You mean. “I cannot imagine anything different” Perhaps you have an argument. It’s not that difficult and Apple provide a warning for example if the app you have developed is over 100Mb
By proceeding on the basis that its unimportant that’s how. You said as much earlier
And with 100 line program you’ll find 10. |
David Feugey (2125) 2709 posts |
Code size is irrelevant. Code efficiency counts. Firefox, for example, can do almost everything, from video playing to accelerated 3D. Its code is not bloated, if you consider all the features provided.
FreeDOS is smaller than Windows and RISC OS. So it’s better?
That’s a perfect example of much bigger code for better security (contract programming, massive type checking, etc.) and much slower OS for better predictability (real-time OS). The absolute antithesis of RISC OS. |
GavinWraith (26) 1563 posts |
We all appreciate simplicity and economy, for a number of reasons, both ecological and aesthetic. The trouble is that simplicity is often an illusion, created by overlooking detail. Isaac Asimov’s joke about the Three Laws of Robotics might have been intended to nail this one, but lots of people did not understand that it was a joke. For tying down the notion of codesize, google Gregory Chaitin . |
Fred Smith (8327) 12 posts |
The more code you have, As such larger code is inherently liable to be more insecure. As Rick Murray said
So as he himself states, the more code there is the more bugs he can find.
I would hardly describe mozilla products as efficient or having lots of features or functional given that
These are not GUI based products so is this a fair comparison? The version of Windows embedded to which you refer from my understanding does not come with a GUI
I seem to recall that nuclear power stations in Iran were subject to the Stuxnet virus a while back which I think was developed in Finland. ETAP for example runs on windows. Not exactly secure and I would imagine (or at least I would hope) that they are not connected to the internet. And the F35 is the perfect example of large code which does not work properly and which is apparently more difficult to fix |
Rick Murray (539) 13851 posts |
I’ll reply to this when I get home this evening and get some tea in me. |
Stuart Swales (1481) 351 posts |
Secure by design? “If I wanted to go there, I wouldn’t start from here!” |
Fred Smith (8327) 12 posts |
Well I mean it’s on ROM and it’s small. It is also true to state that the more complex and large something is, the more unstable it is with the exception perhaps of biology but then this is a different kettle of fish in that the later relates to things which are organic. Even so, nature has a preference for smaller mammals from what I recall of David Attenborough Three example are Chemistry: The higher up the periodic table one goes, the more protons an elements has and the more unstable it is. |
Clive Semmens (2335) 3276 posts |
More unstable, and more liable to have unforeseen security holes. |
David Feugey (2125) 2709 posts |
Simple answer: no. Quick example: take a lowercase to uppercase code. The smallest version will do the job. But to avoid security issues, you must do type checking, and check the range of characters, buffer overflows, etc. More code, for more security. And now, proofs that this is not so simple: Sources:
It does.
True, and less seen security holes too, as part of the code is sometimes here only to avoid security issues. BTW, I find very funny for someone (Fred) who say that less is more secure, to suggest that to get a more secure version of RISC OS, you should add an hypervisor and run Linux apps. Question 1: if you add more code to provide an hypervisor, should it not be less secure? I don’t want to be rude, but I really don’t understand your point. |
Clive Semmens (2335) 3276 posts |
Obviously missing out necessary security features doesn’t improve security; but missing out unnecessary fancy features certainly does. More importantly, taking care over writing code rather than throwing it together in a hurry and getting it working somehow is important; otherwise you produce bloated code, susceptible to errors of all kinds, but specifically security holes.
|
David Feugey (2125) 2709 posts |
No, that was Fred… Bad transition in my answer. Sorry :) |
Clive Semmens (2335) 3276 posts |
Nae problem my friend! 8~) |
Clive Semmens (2335) 3276 posts |
Also, I didn’t make clear that the bloat and the errors in thrown together code are distinct issues, but both consequences of the thrown-together-ness and so often occurring together. |
David Feugey (2125) 2709 posts |
I agree. That’s why I prefer to talk of code efficiency (you can extend this idea to application efficiency).
True too. But it’s funny to note that it’s mainly a small projects issue. If you do this on big projects, they’ll quickly collapse. |
Fred Smith (8327) 12 posts |
The more code you have, The more bugs there are likely to be The more difficult they will be to find. And the later crashes on mine despite the latest updates so the source is not true. And indeed is proven by the fact that they issue updates every month… In any case bugs tend to turn up when they aren’t expected so how would people know? I did say bugs need to be detected and you don’t necessarily know whether they are there or not. Moreover, as a general principle, it is obviously the case that it is more difficult to find bugs where they exist in the later. The version of Windows embedded to which you refer from my understanding does not come with a GUI It says that Windows embedded needs 2GB here
1) You run linux apps where there are no native apps. As regards all these different means of communication which are missing from RISCOS (Airplay and so on) why not just miss some of these out and go for what is standard. (Confession. I don’t like Apple) Perhaps some of you like RISCOS in the same way as some people like Doctor WHo DVDs starring Peter Davion so you can laugh at the acting as he does in the commentary |
Fred Smith (8327) 12 posts |
Quite https://www.onr.navy.mil/en/Media-Center/Press-Releases/2016/Software-Bloat.aspx So why don’t American software producers take note |
Chris Mahoney (1684) 2165 posts |
Indeed. At work, someone declared “I WANT IT NOW!” and kept going to their manager, their manager’s manager, etc, until we ended up with a directive to write the system before the Christmas break. Due to lack of resources, one developer spent 2 weeks on it, then handed it over to me with the comment “it’s almost all working, but features X and Y still need to be written”. I then spent the next three days fixing bugs in the existing “working” system before even touching the new features! |
Rick Murray (539) 13851 posts |
Future proofing is mostly an illusion. You can make something upgradeable, but you’ll find the original specification itself is what ages. Consider the RiscPC. Easy to slot in newer better processors, until the processors far exceeded the capabilities of the slow memory bus. That’s hardware. In software terms, consider Java. It was to be The One to take on the world. Flexible, capable, with many available libraries. What’s trendy these days anyway? Rust? Or is that now a has-been?
It’s worth pointing out that Linus looks after the kernel. It’s the most important part of the OS, certainly, but the majority of software on that installation CD has nothing to do with Linus other than his platform created the ecosystem that gave birth to the likes of Debian and Ubuntu.
You make it sound more deliberate than it is. Generally speaking, an OS needs to be popular. If it is popular, there is a business case for supporting it. Thing is, nobody looking after LibreOffice will give us more than a passing glance followed by a shrug and maybe utter “a what now?” having no idea what RISC OS actually is. Because our user base and market reach does not justify the effort in porting. Anybody can introduce a new OS. And people do. And sometimes (Symbian?) they are popular. But eventually a larger juggernaught will come and push them off the road. Why would a developer support multiple small systems when she could support two or three big ones? [or take sides and just support the one]
Quite a few things fail in this respect. Even on RISC OS. Spot the double-postings on days when there’s server lag, so people click the button twice thinking that the first time must not have worked…
“can be”?
Okay, shoot…
Code size is irrelevant in the age of the Internet. That means, for me, an entire ISO CD image of the Linux distro of my choice in about three quarters of an hour. All of it, the entire thing. Burn to disc, boot it. So, no, I don’t think in the age of broadband internet, that code size makes much difference at all.
Mine’s a P4 clocking around 2.4GHz and has about 3GiB RAM. But it’s running XP SP3 and XP gets a bit stressy if you give it more than 3GiB. And anyway… 12 gigs? You have 12 gigs? You need 12 gigs? That’s just silly amounts of memory… Your point was?
You are making a logical fallacy. There is no correlation between code size and security. You can easily have a small tight piece of software that is worse than a hulking monster if the small one gets its lean size because it doesn’t bother to validate inputs, sanitise things, and include protections to try to reduce potential attack vectors. Dealing with potential problems adds code. There’s no if-but-maybe. I said yesterday that I could easily double the size of RISC OS by adding code to sanitise inputs. Inputs to every single API. Seriously – you can write a few lines of BASIC (a user mode program) to HeapSort the RMA, and RISC OS will happily do so until the point where it crashes.
That’s obvious. It’s kind of why all of this exists…
RISC OS is much legacy code. Did you notice in the kernel sources “Arthur2”, “Arthur3”, and “ArthurSWIs”? Or the keyboard handler code (in PMF subdir) was started on the 13th of October 1986? Quite a bit of the VDU code dates from ’86 too…
And as pointed out, modern ARM boards don’t support ROMs. Precious few of them support Flash. They boot from SD, µSD, USB, net…
RISC OS bloody well did use drivers! The primary difference is that Acorn manufactured the machines that their OS was for, so your original-era serial port was one of three possibilities:
The RiscPC introduced the 16550 compatible UART built into the FDC37C665. But note that RISC OS 3.5 and later only work on a RiscPC, so the older code could be discarded. And so on. Of course, there was a good selection of add-on podules to do all sorts of things. IDE cards, scanners, digitisers, MIDI, I/O, blah blah. And you know what? Pretty much all of them needed to have a ROM or EPROM onboard, not only to hold the device’s identity (RISC OS needs to know certain things about it at start-up), but also to hold the module(s) that comprise the various drivers and things that are necessary to make it work.
That was not Microsoft. That was the world moving to PCI and leaving behind the mess that was (E)ISA. Plug and play can work with self-configuring cards. It doesn’t work with cards that need the user to fiddle with jumpers to set up IRQs.
Nothing to do with the birth of Arthur/RISC OS. It came about because the OS that Acorn wanted to release (ARX) was too resource-heavy for the platform to sensibly cope with, and too late. They needed something to go with the hardware that they already had. And so Arthur was cobbled together in a hurry and… well.. it’s how we got to where we are today. Have you read: http://www.rougol.jellybaby.net/meetings/2012/PaulFellows/
Most of us around here are nerdy enough to know what an operating system is and what it does. Therefore it helps to be concise in stating what you mean.
The point that “operating system” actually has a commonly understood definition, that is to say that it is a set of services that interact with the machine’s hardware to allow other (user chosen) programs to be run. In other words, your small and simple “explanation” was simplified to the point of being wrong. Thus demonstrating that things which are smaller and simpler aren’t necessarily better. Language, code, cars… it’s the same.
Which, under the hood, is arguably more complex than Windows.
I’m sure people here with other large commercial products might be able to give their input? Arguably some software such as Zap could do with an installer. Bits go here, bits go there. It’s easier to click a button than drag stuff hither and thither.
I think a lot of RISC OS. However I think you’re crazy to think that throwing some money at it will make it a world-class operating system that can not only compete on the same playing field as the likes of Windows, but win. Many came. Many crashed and burned. Besides, Android vs iOS is where the battle is at now. And, amusingly, Microsoft failed to gain any useful foothold in the arena. The short-lived Windows Phone is no longer. Is the Surface still a thing? I don’t remember – I just remember that that were way far in third place, so far it hurt.
Uh… is that a pointed dig or did you just pick that randomly? ;-)
Oh come now. Hacking Windows is so last decade. Now it’s all about hacking rubbish IoT devices thrown together from a botched and butchered Linux in a basement in the arse-end of Shenzhen, Guangdong Province. I mean… it’s not like it’s much of a challenge either… https://heyrick.eu/blog/index.php?diary=20170617
Ridiculously considerably, YES. The US has a population of about 330 million. The UK has a population of about 66 million. It just so happens that 330 is five times 66. For France? Basically the same population as the UK, and about twice the land area. Lower population density, but nowhere near as low as the US. Because, you know, you could go to some place like Montana and have the eerie feeling that you can see the horizon in every direction, and you are the only person in that entire space. Because America is just bloody enormous. Feel free to look any of this up. I knew it because I like geography, but I’m sure Google will point you to sources that agree, should you care to verify.
No. Because if one was to consider the actions of a small subset of people as representative of the entire populace, then it would be clear that English people are Brexit-loving foot-shooting xenophobic racist pillocks. Are they? Or is that just another stereotype? [note: the Tories may have won, god help us, but more of the electorate didn’t bother to vote than those who voted for the winning party]
It is true and logical that more code gives rise to more risk of bugs. It does not necessarily follow that every bug is a security risk. Indeed, correctly functioning code that uses strcpy() instead of a ranged strncpy() may become a vector for a buffer overflow. It isn’t exactly a bug, as the code is functioning correctly. But it is a flaw that could potentially lead to security problems. As does the Pi4 by all accounts. https://maker.pro/raspberry-pi/tutorial/how-to-prevent-your-raspberry-pi-4-from-overheating Random result returned from Google search for “Pi4 overheat”. There are plenty of others.
Ever wonder why it is in a metal case? It’s not just like that to dick around with the WiFi antenna. Ever wonder why the Samsung S9 (and similar) is basically two bits of glass mounted in a metal frame? The metal part is the important part. Run something processor intensive, like Maps Navigation with GPS and it will get hot. Because that bit of metal around the edges? That’s the heatsink.
Based upon what metric? If magically RISC OS was adapted to do all the stuff that Linux can do, it would logically be “more or less the same size” because it’s basically doing the same sort of things.
Yes, it did. And RISC OS did more than Windows back in the 16 bit era, when both were version 3.xx. But that ship has not only sailed… all of its crew have retired.
A fair amount of “hacking” in that context is more social engineering than “skillz”. RISC OS doesn’t even check filesystem integrity FFS Where it boots from isn’t relevant. Any serious OS needs to periodically verify the integrity of the filesystem, so you don’t find a growing accumulation of errors because, oops, those blocks weren’t what they looked like. It should be triggered automatically if there’s a power cut. You’ll note that both Windows and Linux do. Yes. Updates and enhancements are needed, but maybe you’re starting to understand why RISC OS is lean and mean? And, while we’re at it, why it’s not the basis of taking over the world. By all means make something RISC OS like, because there’s a lot (especially in the UI) that RISC OS gets right. But it won’t be RISC OS.
I did address it, by pointing out a much larger problem. Bloated code burning extra cycles is less of a problem than the mentality of “disposable devices”. Think about it. If I choose wisely, I can buy a printer with a useful amount of ink supplied with it (and not one of those stupid “starter inks” that runs out after a dozen pages). I can buy it for less than the price of replacement ink. So I can buy a new printer, and chuck it, and save money compared to buying a set of inks. All these phones and tablets, welded closed with massive amounts of glue. Some are carefully designed so that fragile things actually break if one tries to open them up (the glue most by liquid, if it isn’t, you can probably kiss goodbye to the USB port and maybe some of the display ribbon cable). It’s a frequent rant on… is it i-fixit? I forget. We’re not talking about landfill, we’re talking about everything (and all the precious metals) involved in their creation as well as the landfill. So as you can see, I did talk about the environment. And pretty much the same point you were making, too. I’d really like to see your feasibility study regarding the addition of PMT. Uh… That’s not what a feasibility study is. Cost projection is a part of it, yes, but… well… feasible. Clue in the name.
You seem again to have overlooked the fact that fixing the OS to make it secure by any useful definition of the word… would require a ground-up rewrite that would probably break vast amounts of existing software and change the API out of all recognition. That’s just not my definition of the word “update”. And are you going to provide a guarantee of the stability and safety of your curated apps, or will this be yet another pointless walled garden lulling people into a false sense of security? Oh, you mean the appstore (pick one, they’re both guilty) that has had to pull apps (including removal from people’s devices – Play Store Services can do that) because of issues that never would have passed a properly curated environment. One for Google: https://www.theregister.co.uk/2019/08/22/google_play_malware/
And how many have therefore been proven to be computationally correct? You are NEVER EVER going to get a secure app on an OS that will grant anybody kernel level privilege with one SWI call. Irrelevant. Read what I said. I’ll highlight a salient point: You are NEVER EVER going to get a secure app on an OS that will grant anybody kernel level privilege with one SWI call. Running a hypervisor, you may have secure apps on another OS on the same machine, but you simply cannot have security on a platform where one simple call will make me “kernel level”. Or, indeed, a sweet little SWI that means that my app can read the entirety of your app’s memory. A bit of lateral thinking and my app could probably change your app’s memory, on the fly, as it is running.
Actually the point was “even the smallest program will have a bug”.
There’s a reason. You just don’t know what it is.
It’s about as fair as comparing RISC OS to Windows when, frankly, all they have in common is the use of a desktop metaphor.
Hmmm, an RTOS isn’t “slower”. Much the opposite in fact. It is a fast deterministic system that mostly looks after multiple threads (rather than multiple applications). The prime differences between it and traditional OSs is that the developer usually gets control over its threading behaviour, and that it is deterministic. That means that one knows how long things take. A thread must be invoked, do its thing, and be done in a known amount of time. This includes responding to external events, how quickly a response can happen, when the response will complete, and so on.
The nerdy word for that is “entropy”.
And even more in a million lines. Because code is written by people. And people are not perfect. However, bugs and security issues are not the same thing.
I did ask Fred for a demonstration. I’ll repeat it: Please provide a routine to convert a string of characters to lower case. As we’re talking RISC OS, I will expect it to be written in assembler. String will be C-like (null terminated). You can assume R13 points to a stack, and R0 points to the string, and R1 points to ample space for the result. If you don’t do assembler, feel free to write it in C. Parameters are
Because AirPrint (using URF bitmaps) is much more widely supported than IPP Everywhere (which is quite recent).
Oh, it would be good to dream of a RISC OS renaissance. Maybe even imagine the sorts of things that could be done with the hardware of 2020 as opposed to the hardware of 1986. But it’s worth tempering these dreams with reality. Malware came on floppy discs. People hacking your machine generally had to be physically present (or in the case of Econet, usually in the same room). There was no risk of Russians or Chinese. I mean, you’d pee in your pants at the cost of an hour talking to somebody on the other side of the country, never mind the other side of the planet. Besides, you’d be lucky to get much done without being noticed on a 1200 baud connection that was strictly single-purpose (none of this fancy TCP/IP bandwidth sharing). If you were using Xmodem to download, that is all you were doing. RISC OS was born in a vastly different time. So, no. We aren’t laughing at it. We think of it fondly (or we wouldn’t bother using it), but we also understand its weaknesses. |
Steve Pampling (1551) 8172 posts |
Or even “won’t, not doing it, no, no, no” “Firefox no longer provides NPAPI support (technology required for Java applets)” Source: https://java.com/en/download/faq/firefox_java.xml and you know what – I can think of just one application at work that requires it, so the much insulted ESR system is the only reason to fire up IE which is legacy enough to support it. |
Fred Smith (8327) 12 posts |
I hope this isn’t rude but perhaps it is true to state that the length of your replies neatly underlines what I am saying about bugs because for whatever reason there are “bugs” in your reply
As such larger code is inherently liable to be more insecure. You contradict the point later by talking about entropy and acknowledge my point . Yes there is. Even the US military acknowledge as much You said yourself “Give me ten lines of code and I can find a bug” Therefore it follows with elegant inevitability that in 100 lines of code you can find 10 bugs The more code you have Bugs can of course include security issues and in any case one can replace the word bug or defect with “security flaw” and the same applies
Seems not to be obvious to be fair :)
Or you er um manufacture one which does.It’s not that hard.
You did not have to install drivers which is the point even if there was software to perform that function. A slight error in emphasis for reasons of simplicity
Er yes it was lol. Here’s one example
And? Should I preclude the average person from participating. In other words people who might be potential newbies or even new customers? I’ve snipped the rest of what amounts to er um pedantry within the context which I have set of simplicity
It has a smaller code base and is thus by definition less complex and can be made not to be complicated by removing packages.
Well you clearly don’t to be fair which is OK
Yes the world will always be the way it is. Don’t change things. Don’t come up with anything different (of non-American or even American). Be “realistic”. Know your place. Don’t complain. Depend upon two American companies Shesh And Surface is a thing.
Disregarding firmware, most software is American. Hence why there are no large IT companies outside of the US with the exception of China whose software foreign users do not tend to use. China, Russia, Turkey, Africa, Asia or the rest of America? Nope can’t think of anything major. There is the odd application but not many Hence most hacking takes place on software which is American because most software is American . Thank you for acknowledgment the point. I made the point about a preference for large freeways within a less dense population
1) So I state that Americans tend to like things which are large and by extension of that you infer that I am stating that it follows that one can state that English people tend to be Brexit-loving foot-shooting xenophobic racist pillocks. Heard of knights thought lol?
OK the more code there is, the more potential security issues there may beT This is a fact which is acknowledged by the US military as pointed out earlier
https://maker.pro/raspberry-pi/tutorial/how-to-prevent-your-raspberry-pi-4-from-overheating So that’s the construction of the Rpi and the specific ARM chip and is thus a design flaw. What has that got to do with software? That is one piece of ARM hardware with an ARM chip on it. One
So Linux is the same size as Windows and does the same things. Jolly good
Well they haven’t actually. Many of them work at Cambridge within the university or indeed at Dr Hermann hauser’s company.
No it isn’t its a choice. Or indeed government computers which are hacked and which I have personally witnessed . So it needs a FS check if it runs from ROM? I said in any case that RISCOS needs updating
SoWe get it you are a RISCOS developer who does not like RISCOS and who pours cold water on any suggestion of improvements. I don’t wish to disuade anyone but why bother lol coming on here? It’s not attractive exactly to others who might be interested in improvements is it?
You didn’t. You made fun of Greta Thunberg and said that it was normal for there to be waste because of capitalism . Here is how to make a feasibility study involving finance https://www.thebalancecareers.com/writing-financial-feasibility-study-3515135
Heard of Aemulor?
Yes what’s your point?
Or indeed an intelligence agency or indeed a ministry of foreign affairs where employees have access to sensitive documetns such as those which pertain to defence which are written in word passed by a standard off the shelf email program.
Not if you are running software in VMs ala Qubes . So type 1 supervisors are not secure then or at least as secure as it gets?
Actually the point is the less code you have the less bugs and the less security flaws
Yes its rubbish software which I will not use because it has a defect. I use an alternative which works
Thank you. Its the second law of thermodynamics but I elected not to include the word. My understanding is “The more you put things together the more they fall apart” And you do acknowledge that the principle exists
And even more in a million lines. Because code is written by people. And people are not perfect. No but bugs can encompass security issues. And one can delete the word bug and insert security issue
Why support it? It’s used on less than 10% of the world’s computers and Apple could use an alternative in much the same way as people had to find an alternative to flash I don’t like Apple by the way. And size of code does matter to google (or at least slowly loading websites which will occur in large part because of a large code base or indeed not properly compressed images and so on). |
David Feugey (2125) 2709 posts |
Really? “While an OEM-only version of Windows XP for 64-bit was released, these Windows XP Embedded products are all 32-bit for x86 only. The minimum requirements were 128 MB of storage and 256 MB of RAM.” A classic RISC OS 5 installation will need at least 64 MB RAM and 83.7 MB of disc space. XPe provides much more functionalities (including PMT, full Unicode support, a web browser, Wifi support and a RDP client). So it’s probably not so bad under the same perimeter.
Correct on all points.
It’s slower because of other aspects. The microsecond scheduler for example, that implies a very heavy load on the system. But that’s another story.
They criticise the bloat, not the size. And you know what? They’re right. Windows 10 Calc : 27648 bytes. RISC OS Calc : 46182 bytes. Excellent optimisation… on the Windows size. But, hey, they have more developers than us.
IF A = 0 THEN A = 1 ELSE IF A = 1 THEN A = 0 A=1-A
Troll point.
Another. |
Pages: 1 2